QR phishing is a type of phishing attack that uses QR codes to trick victims into revealing sensitive information or downloading malware. Scammers may use QR codes in emails, text messages, social media, public places, or even approach people directly to scan them. To protect yourself, be suspicious of unsolicited QR codes, check the URL before scanning, use a QR code scanner app, keep your software up to date, be wary of QR codes in public places, don't scan QR codes from unknown people, and if unsure, don't scan it.
Scammers may send them in emails, text messages, or social media. If you don't recognize the sender or the message, don't scan the code.
If you receive a QR code from a company you know and trust, contact them directly to confirm its legitimacy before scanning.
Be wary of QR codes that create a sense of urgency, appeal to your emotions, or have poor grammar.
Make sure the URL matches the website you expect to visit before scanning.
Don't give out sensitive information, such as login credentials or credit card numbers, to a website you reached through a QR code.
For more information, email cyberaware@purdue.edu.